02 September 2026
,
Jakarta

FraudSense Indonesia 2026

Indonesia's dedicated event for fraud defence in the AI economy

Request InvitationPartner with us
AI vs AI: The New Frontline in Fraud, Identity and Trust
Indonesia's digital economy has pushed financial interaction further away from the bank than almost anywhere else in the world. QRIS, BI-Fast, super apps, e-wallets, embedded finance, and platform-driven payments now mediate how millions of consumers transact daily, while fraud moves fluidly across banks, fintechs, telecoms, marketplaces, and payment rails that were never designed to share intelligence with each other.

AI-generated scams, synthetic identities, deepfake impersonation, and voice-cloned fraud operations are scaling rapidly across the ecosystem, forcing institutions to deploy AI-driven detection, investigation, authentication, and response models at unprecedented speed.

FraudSense Indonesia convenes the senior leaders rebuilding fraud, AML, identity, cybersecurity, payments, and digital trust architectures for this new operating reality. The summit examines how institutions are restructuring response models, coordinating defence across fragmented payment ecosystems, and defending against threats operating at machine speed — protecting the customer trust holding one of the world's most distributed financial economies together.

Why FraudSense, why now
0 M+
USD fraud losses reported to IASC in one year
0 %
surge in AI-driven fraud across Indonesia’s fintech sector
66 %
of Indonesian adults encountered a scam in the past year
0 B
USD QRIS payments processed in Q1/25 alone
Who will be there
A cross-functional room of leaders responsible for fraud response, digital trust, and financial resilience across Indonesia
ROLES

Chief Risk Officers
Chief Compliance Officers
Chief Information Security Officers
Heads of Fraud & Financial Crime
Heads of Payments Risk & Digital Trust
Heads of Authentication & Identity Security

ORGANISATION TYPES

Banks & Digital Banks
Fintech & Payments Platforms
Telecoms & Digital ID Providers
Insurance Providers
E-Commerce & Retail Platforms
Regulators & Infrastructure

What makes FraudSense unique
Built for institutions responding to fraud operating at machine speed
Built around live operational pressure
FraudSense is designed around the operational problems institutions are dealing with now — AI-generated scams, synthetic identities, APP fraud, mule networks, deepfake impersonation, and machine-speed social engineering. The agenda focuses on investigation realities, AI-native response models, reimbursement pressure, detection workflows, and implementation challenges facing fraud and financial crime teams.
Cross-functional by design
Modern fraud no longer sits inside a single function or institution. FraudSense brings together leaders across fraud, AML, cybersecurity, identity, payments, telecoms, digital trust, and risk — reflecting how fraud now moves fluidly across organisational silos, customer channels, payment rails, digital platforms, marketplaces, and financial ecosystems.
AI-native defence, not AI hype
The summit focuses on how institutions are deploying AI across detection, authentication, investigation, orchestration, and response workflows. Discussions are operational rather than theoretical — centred on what is already working, where institutions are struggling, and how defence models are evolving as both fraud and response begin operating at machine speed.
Agenda

8:00

9:00

Registration

    9:00

    9:05

    Opening Remarks

      9:05

      9:35

      When the Customer No Longer Sees the Bank: Defending an Interface AI Now Mediates

      Indonesia has lost something other markets keep — the customer's direct relationship with the bank. Daily interaction lives inside super-apps, the merchant layer runs through QRIS, and detection now depends on behavioural models reading signals the bank never sees directly. The IASC has logged 432,000 scam reports, IDR 9.1 trillion in losses, and 7.6 percent recovery. The fraud function must defend a system it no longer touches, through intelligence it does not own.
      • The customer relationship sits in the super-app layer. Where does the fraud team's AI operate when it no longer holds the interface?
      • OJK 2024 set the compliance floor. What does the operator build beyond it to defend a customer detection models barely see?
      • Recovery sits at 7.6 percent. Where does the institution invest — detection, model speed, freezing, or restitution — to move it?
      • The three-year architecture runs across shared rails. What does the licensed entity commit to now, and where does AI carry it?

      9:35

      9:50

      How We Solved...

      A practical case study on a real industry challenge, the approach taken, and results achieved.

        9:50

        10:20

        The Super-App Rail: Catching AI-Scaled Mule Layering When Visibility Lives Elsewhere

        Indonesia's super-apps host the journey end-to-end — 90-second onboarding, e-wallet balance, QRIS, increasingly credit. The bank holds deposits and accountability but is blind to the journey behind the transaction. Synthetic identities deploy across wallets in parallel, mule networks layer micro-transactions below thresholds, and cross-border QRIS into ASEAN, Korea, and China now carries offshore patterns only behavioural AI catches. The question is whether model-driven defence works when responsibility and visibility live apart.
        • Mule networks layer micro-transactions below thresholds across wallets. How does the institution's model catch structured layering it only sees post-settlement?
        • Synthetic identities deploy across wallets in parallel. Where does the cross-wallet behavioural signal sit when account-level KYC structurally cannot detect it?
        • Super-apps hold the behavioural signal; banks hold the transaction. Where does shared model intelligence become viable before it collides with PDP Law?
        • Cross-border QRIS extends the fraud surface offshore. How does the bank act on a model alert when the originating signal sits outside its reach?

        10:20

        10:25

        The Room Speaks: Morning Pulse

        A live audience pulse check capturing the priorities, pressures, and challenges shaping fraud and financial crime defence today.

          10:25

          11:05

          Networking Break

            11:05

            11:35

            The Android Layer: Defeating OTP-Interception Malware with Device and Behavioural AI

            Indonesian authentication runs on Android, and the OTP has anchored bank login, e-wallet transfers, and QRIS for a decade. Malicious apps now intercept OTPs at scale; accessibility-service abuse lets attackers read SMS and hijack sessions while the customer believes the app is legitimate. The assumption that controlling the phone equals controlling the account is operationally dead. The institution must rebuild authentication around device intelligence and behavioural models against professional malware.
            • OTP delivery anchored Indonesian authentication. What does the fraud team deploy when malware breaks the OTP assumption faster than rules adapt?
            • Accessibility-service abuse is industrialised. Where does behavioural detection sit without breaking the legitimate accessibility case for vulnerable customers?
            • Device and behavioural signals are the replacement. What breaks when models run across the Android estate Indonesians actually use — and how is a model-driven block explained to a regulator?
            • e-KTP anchors KYC system-wide. What changes about identity assurance when the device the e-KTP bound to is no longer trustworthy?

            11:35

            11:50

            How We Solved...

            A practical case study on a real industry challenge, the approach taken, and results achieved.

              11:50

              12:20

              When Fraud Crosses the Rail: Who Carries the Loss Across Banks, Super-Apps, and Wallets?

              When a fraudulent transaction moves from a super-app wallet through a bank rail to a mule account, the loss lands somewhere — but rarely where the customer relationship sits. Indonesia's layered payment ecosystem has created a fragmented accountability map where banks, super-apps, e-wallets, and PSPs each hold part of the transaction but none holds the whole picture. This panel examines where liability actually falls today, how institutions negotiate recovery, and what a workable shared-accountability model could look like.
              • A scam payment crosses a super-app wallet, a bank rail, and a mule account. Today, who actually absorbs the loss?
              • Super-apps own onboarding and the customer relationship; banks hold the licence and the rail. Should accountability follow the relationship or the licence?
              • Inter-institutional fraud recovery currently depends on informal cooperation. What would a formal, fast settlement mechanism between players require to work?
              • While institutions argue over who pays, fraud response slows. Where is shared accountability already emerging through commercial agreement rather than regulation?

              12:20

              12:35

              How We Solved...

              A practical case study on a real industry challenge, the approach taken, and results achieved.

                12:35

                13:05

                Pig Butchering, Deepfake Endorsements, and an AI Scam Economy Outrunning the Warning

                Indonesia is among the hardest-hit markets globally for organised scams. Pig-butchering syndicates work victims over weeks; AI-generated videos of public figures now run in active investment-scam campaigns; 89 percent of unknown calls are spam, 44 percent fraud — the highest globally. The scam is voluntary at authorisation — the customer transfers, invests, authenticates. The institution sees the transaction but not the deepfake that convinced the customer, and its warning models must compete with generated content built to defeat them. Behind the syndicates sits a commercialised supply chain — scam scripts, deepfake services, and victim-targeting data sold to order, letting operations scale faster than any single network could alone.
                • Pig butchering runs over weeks. Where does the operator's model intervene when the fraud is relational and the customer believes the conversation is genuine?
                • Deepfake tools and scam kits are sold as a service. What does the team do when professional scam content is cheap and on-demand?
                • 44 percent of unknown calls are fraud. Where does the ecosystem coordinate with telcos to disrupt AI-scaled origination, not just intercept authorisation?
                • Vulnerable customers show different signal patterns. How does the institution build vulnerability-aware decisioning within PDP Law constraints?

                13:05

                14:00

                Mid-day Networking Lunch

                  14:00

                  14:20

                  Internal Fraud After IDR 1.2 Trillion: A Senior Operator on Insider Risk at Indonesian Scale

                  A candid 20-minute Executive Interview with a senior bank operator who has lived through Indonesia's largest insider-fraud incident. The conversation moves past the headlines into what actually changed: how the institution rebuilt internal controls, what it now monitors that it didn't before, and where the line should sit between trust and surveillance for employees with privileged access.
                  • What signals were missed in the lead-up, and what is now monitored that wasn't before
                  • Rebuilding internal controls without destroying operational speed or staff morale
                  • The trust-versus-surveillance line for privileged-access employees in Indonesian institutions

                  14:20

                  14:35

                  How We Solved...

                    14:35

                    15:05

                    The Recovery Gap: IASC, the Single-Report System, and Speeding Money Back at Machine Pace

                    The IASC has processed 432,000 scam reports and blocked 415,000 accounts in twelve months — and recovered 7.6 percent of stolen funds. The recovery gap is becoming the defining operational weakness of the Indonesian system. OJK has signalled a single-report mechanism treating IASC reports as police reports automatically, compressing the reporting-to-freeze window — a window only automated detection and routing can realistically close at the speed instant rails demand.
                    • Recovery sits at 7.6 percent. Where does the institution invest — earlier model detection, faster reporting, faster freezing, or smarter restitution?
                    • The single-report system compresses the recovery window. What does the payments player automate to plug into it on day one?
                    • Cross-sectoral data exchange is the obvious answer. What does real collaboration across banks, e-wallets, and telcos look like under PDP Law?
                    • IASC sees reports, not underlying signals. What model output does the provider open without compromising position or breaching the regulator?

                    15:05

                    15:10

                    The Room Speaks: Mid-Afternoon Pulse

                    A mid-afternoon audience pulse capturing how the room is recalibrating its position on the day's most contested operational and strategic questions.

                      15:10

                      15:25

                      Afternoon Networking Break

                        15:25

                        15:55

                        40 Percent Volume Growth, Flat Headcount: Rebuilding Fraud Ops Around AI Investigation

                        Bank Indonesia processes 4.67 billion digital transactions a month, growing 40 percent year-on-year. Indonesian fraud operations cannot scale headcount linearly with that curve — the talent ceiling is structural and analyst tenure compounds it. Alert volumes are up, the case-management estate is fragmented, and AI-assisted investigation tooling is arriving faster than operations leaders can integrate it. The function inherited from card-era banking has to be rebuilt around models for a market where volume permanently outpaces hiring.
                        • Volumes grow at 40 percent; headcount cannot follow. Where does AI-assisted investigation replace the analyst, where does human judgement stay, and where does OJK accountability sit?
                        • Alert fatigue is structural, not a tuning problem. What does the team change when it accepts model triage cannot reduce volume further alone?
                        • Analyst tenure is short. What does the operator do about a workforce that turns over faster than it transfers knowledge a model could retain?
                        • Orchestration platforms promise integration. What does the buyer actually get at Indonesian volumes, and where does the model fall short of the claim?

                        15:55

                        16:20

                        Who Owns Trust in 2030, When the Algorithm Decides First?

                        The Indonesian system has reorganised the customer relationship around super-apps while leaving accountability with the licensed institution. The day has mapped the gaps — detection, authentication, liability, recovery, scale. This close does not revisit them. It asks the harder question: given everything the room now knows, what does the institution commit to over the next eighteen months, and who carries accountability as decisioning increasingly moves beyond human review?
                        • Every session today exposed a gap no institution closes alone. Which one does the ecosystem fix first, and who leads it?
                        • Trust is becoming the product, not the by-product. What does an institution that truly owns trust do differently?
                        • The next 18 months shape the coordination model for a decade. What has to be true by mid-2027 to stay ahead?
                        • The algorithm increasingly decides what no human reviews in real time. When those decisions fail, where does accountability sit?

                        16:20

                        16:25

                        The Room Speaks: Closing Pulse

                        A final audience reflection measuring how perspectives shifted across the day's discussions.

                          16:25

                          16:30

                          Closing Remarks

                            Contact Us
                            Whether attending as a delegate or exploring sponsorship, contact us to discover exciting opportunities at our upcoming events.
                            Thank you! Your submission has been received!
                            Oops! Something went wrong while submitting the form.
                            © Copyright 2026-28
                            Terms of UsePrivacy Policy